Correct Answer – B
AWS Organizations allows the user to automate the creation of new AWS accounts when they need to launch new workloads quickly. The administrator can add these new accounts to user-defined groups in an organization for easy categorization. For example, you can create separate groups to categorize development and production accounts. Then you can apply a Service Control Policy (SCP) to the production group allowing only access to AWS services required by production workloads.
https://aws.amazon.com/organizations/
Option A is INCORRECT because AWS CloudFormation does not aid in the automated AWS account creation. AWS CloudFormation provides a common language for the administrator to describe and provision all the infrastructure resources in their cloud environment. CloudFormation allows the administrator to use a simple text file to model and provision all the resources needed for applications across all regions and accounts. This file serves as a single source of truth for your cloud environment.
https://aws.amazon.com/cloudformation/
Option C is INCORRECT because using AWS API to programmatically create each account via command-line interface is feasible but inefficient.
The AWS Command Line Interface (CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts.
https://aws.amazon.com/cli/
Option D is INCORRECT because using AWS Identity Access Management (IAM) to fulfill the task is inefficient and tedious. AWS Identity and Access Management (IAM) enables you to manage access to AWS services and resources securely. Using IAM, you can create and manage AWS users and groups. You can use permissions to allow and deny their access to AWS resources. IAM is a feature of your AWS account offered at no additional charge. You will be charged only for the use of other AWS services by your users.
https://aws.amazon.com/iam/